Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Change Impact Analysis for Requirement Evolution using Use Case Maps
IWPSE '05 Proceedings of the Eighth International Workshop on Principles of Software Evolution
Requirements engineering for trust management: model, methodology, and reasoning
International Journal of Information Security
Computer-aided Support for Secure Tropos
Automated Software Engineering
Security Requirements Engineering: A Framework for Representation and Analysis
IEEE Transactions on Software Engineering
On the secure software development process: CLASP, SDL and Touchpoints compared
Information and Software Technology
Relationship-based change propagation: A case study
MISE '09 Proceedings of the 2009 ICSE Workshop on Modeling in Software Engineering
Early Identification of Problem Interactions: A Tool-Supported Approach
REFSQ '09 Proceedings of the 15th International Working Conference on Requirements Engineering: Foundation for Software Quality
Requirements Engineering - Special Issue on RE'09: Security Requirements Engineering; Guest Editors: Eric Dubois and Haralambos Mouratidis
Secure Systems Development with UML
Secure Systems Development with UML
Model-Based Argument Analysis for Evolving Security Requirements
SSIRI '10 Proceedings of the 2010 Fourth International Conference on Secure Software Integration and Reliability Improvement
Expressive modular fine-grained concurrency specification
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Incremental evaluation of model queries over EMF models
MODELS'10 Proceedings of the 13th international conference on Model driven engineering languages and systems: Part I
A quick tour of the VeriFast program verifier
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
Model-Driven Risk Analysis: The CORAS Approach
Model-Driven Risk Analysis: The CORAS Approach
Selective Test Generation Method for Evolving Critical Systems
ICSTW '11 Proceedings of the 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops
Annotation inference for separation logic based verifiers
FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
Incremental security verification for evolving UMLsec models
ECMFA'11 Proceedings of the 7th European conference on Modelling foundations and applications
Dealing with known unknowns: towards a game-theoretic foundation for software requirement evolution
CAiSE'11 Proceedings of the 23rd international conference on Advanced information systems engineering
Risk analysis of changing and evolving systems using CORAS
Foundations of security analysis and design VI
A Load Time Policy Checker for Open Multi-application Smart Cards
POLICY '11 Proceedings of the 2011 IEEE International Symposium on Policies for Distributed Systems and Networks
Model-Based Security Verification and Testing for Smart-cards
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Change-driven model transformations
Software and Systems Modeling (SoSyM)
Hi-index | 0.00 |
How to design a security engineering process that can cope with the dynamic evolution of Future Internet scenarios and the rigidity of existing system engineering processes? The SecureChange approach is to orchestrate (as opposed to integrate) security and system engineering concerns by two types of relations between engineering processes: (i) vertical relations between successive security-related processes; and (ii) horizontal relations between mainstream system engineering processes and concurrent security-related processes. This approach can be extended to cover the complete system/ software lifecycle, from early security requirement elicitation to runtime configuration and monitoring, via high-level architecting, detailed design, development, integration and design-time testing. In this paper we illustrate the high-level scientific principles of the approach.